Using IIS10, ASP NET MVC 5
I have enabled dynamic and static compression in IIS and installed both features from Server Maanger. I added the below to my web.config:
<httpCompression directory="%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files">
<scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" staticCompressionLevel="9" />
<dynamicTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/x-javascript" enabled="true" />
<add mimeType="application/json" enabled="true" />
<add mimeType="*/*" enabled="false" />
</dynamicTypes>
<staticTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/x-javascript" enabled="true" />
<add mimeType="application/atom+xml" enabled="true" />
<add mimeType="application/xaml+xml" enabled="true" />
<add mimeType="*/*" enabled="false" />
</staticTypes>
</httpCompression>
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
The css files appear to be served in as gzip compressed and the Response header contains:
content-encoding:gzip
However, when rendered on the browser the css file is not being registering (ie non of the styles are being applied).
Is there a step I have missed?
Ensure that the Dynamic content Compression feature and Static Content Compression are installed.
I'm working on an MVC5 web app but can't make Azure perform dynamic compression on my JsonResults. The following code in my Web.config only works when I run the web app locally, but as soon as I deploy on Azure Web App the compression does not work:
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
<httpCompression>
<dynamicTypes>
<add mimeType="application/json" enabled="true" />
<add mimeType="application/json; charset=utf-8" enabled="true" />
</dynamicTypes>
<staticTypes>
<add mimeType="application/json" enabled="true" />
<add mimeType="application/json; charset=utf-8" enabled="true" />
</staticTypes>
</httpCompression>
I also tried the following, but with no luck:
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
<httpCompression directory="%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files">
<scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" />
<dynamicTypes>
<add mimeType="application/json" enabled="true" />
<add mimeType="application/json; charset=utf-8" enabled="true" />
</dynamicTypes>
<staticTypes>
<add mimeType="application/json" enabled="true" />
<add mimeType="application/json; charset=utf-8" enabled="true" />
</staticTypes>
</httpCompression>
This issue is really driving me crazy, I see no reason why this shouldn't work, considering that I found these solutions online from people who says that they implemented them successfully. Any idea?
I finally got what the problem was: some antiviruses (including mine, which is Bitdefender) interfere with the data compression mechanism, so from my computer I couldn't see the compression happening, while in reality it was working perfectly using the following Web.config markup:
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
<httpCompression>
<dynamicTypes>
<add mimeType="application/json" enabled="true" />
<add mimeType="application/json; charset=utf-8" enabled="true" />
</dynamicTypes>
<staticTypes>
<add mimeType="application/json" enabled="true" />
<add mimeType="application/json; charset=utf-8" enabled="true" />
</staticTypes>
</httpCompression>
For more info about similar issues, here is an interesting article about it: https://www.stevesouders.com/blog/2009/11/11/whos-not-getting-gzip/
I have a .NET application which uses some images stored in a folder on a server. the folder does not belong to my application. The images in this folder are used as background images of some div within the application. I published the image folder to the web along with my application and so everything work fine. However, Is there a way to limit the access of the folder to my .net application or a setting that can be set so that the content of the folder is not browsable/searchable? Right now, my application uses a url like www.domain.com/iisfoldername/picture.png to set the background of divs. Similarly if you use such URL in a browser, an image will be served. Is it possible to prevent this URL from being served when it is not requested from my application? That is, if someone enters this url in the browser, the image is not displayed, but the image displays when my application requests it.
I know of setting a authentication for a folder. But How can I limit an http request to a user and then impersonate this user(if possible)?
'
EDIT
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<appSettings>
<add key="webpages:Version" value="1.0.0.0" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="ida:FederationMetadataLocation" value="https:ccc.com/Federation.xml" />
<add key="ida:Issuer" value="https://ccc.com" />
<add key="ida:ProviderSelection" value="productionSTS" />
</appSettings>
<location path="Federation">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<system.web>
<authorization>
<deny users="?" />
</authorization>
<authentication mode="None" />
<compilation debug="true" targetFramework="4.5" />
<!--Commented by Identity and Access VS Package-->
<!--<authentication mode="Forms"><forms loginUrl="~/Account/LogOn" timeout="2880" /></authentication>-->
<pages>
<namespaces>
<add namespace="System.Web.Helpers" />
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.WebPages" />
</namespaces>
</pages>
<httpRuntime targetFramework="4.5" requestValidationMode="4.5" />
<profile defaultProvider="DefaultProfileProvider">
<providers>
<add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" applicationName="/" />
</providers>
</membership>
<roleManager defaultProvider="DefaultRoleProvider">
<providers>
<add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</roleManager>
<sessionState mode="InProc" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
</providers>
</sessionState>
</system.web>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="itextsharp" publicKeyToken="8354ae6d2174ddca" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.4.3.0" newVersion="5.4.3.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
</entityFramework>
<connectionStrings>
</connectionStrings>
<system.webServer>
<modules>
<remove name="FormsAuthentication" />
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
</modules>
</system.webServer>
<system.identityModel>
<identityConfiguration>
<audienceUris>
<add value="https://localhost/App/" />
</audienceUris>
<!--Commented by Identity and Access VS Package-->
<!--<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry"><authority name="LocalSTS"><keys><add thumbprint="9B74CB2F320F7AAFC156E1252270B1DC01EF40D0" /></keys><validIssuers><add name="LocalSTS" /></validIssuers></authority></issuerNameRegistry>-->
<!--certificationValidationMode set to "None" by the the Identity and Access Tool for Visual Studio. For development purposes.-->
<certificateValidation certificateValidationMode="None" />
<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
<authority name="http://ccc.com">
<keys>
<add thumbprint="BA86062DD810B95F49FBF85F448507D63D15FB92" />
</keys>
<validIssuers>
<add name="http://ccc.com" />
</validIssuers>
</authority>
</issuerNameRegistry>
</identityConfiguration>
</system.identityModel>
<system.identityModel.services>
<federationConfiguration>
<cookieHandler requireSsl="true" />
<wsFederation passiveRedirectEnabled="true" issuer="https://ccc.com/" realm="https://localhost/App/" requireHttps="true" />
</federationConfiguration>
</system.identityModel.services>
</configuration>
Given your configuration, I believe your best option is to use URL rewriting. In this case, redirect users to a "fake" image if they are requesting images directly or as referred from some other website (but allowing access to them if referred from a page in your application).
To accomplish this, use Microsoft's IIS URL Rewrite extension, which you can download here:
http://www.iis.net/downloads/microsoft/url-rewrite
Once it is installed on your server, configure it by adding the following to your web.config (since you already have a system.webServer section in your web.config, just add the "rewrite" node into it). Note the inline comments and replacements required.
<system.webServer>
<rewrite>
<rules>
<rule name="Whitelist Image Access" stopProcessing="true">
<!-- Evaluated for all image file requests -->
<match url="(?:jpg|jpeg|png|gif|bmp)$" />
<conditions>
<!--
Rule applies when user tries to access URL directly (no referrer)
-->
<add input="{HTTP_REFERER}" matchType="Pattern" pattern="^$" ignoreCase="true" />
<!--
Rule does NOT apply when pages on our site are the referrer
*** NOTE: Replace "ccc" and "com" with appropriate parts form your domain ***
-->
<add input="{HTTP_REFERER}" matchType="Pattern" pattern="^https?://(.*\.)?ccc\.com/.*$" ignoreCase="true" negate="true" />
<!--
Rule does NOT apply when accessing the replacement image when real ones are refused
*** NOTE: replace "no_access.png" with the name of the "fake" image you want to use ***
-->
<add input="{REQUEST_FILENAME}" matchType="Pattern" pattern="no_access.png" ignoreCase="true" negate="true" />
</conditions>
<!--
Temporary redirect (status code 307) to "fake" image
*** NOTE: Replace the URL below with the "fake" image URL ***
-->
<action type="Redirect" url="http://ccc.com/images/no_access.png" appendQueryString="false" redirectType="Temporary" />
</rule>
</rules>
</rewrite>
</system.webServer>
I'm experiencing a problem when using Sitecore MVC 3 rendering with GZip content compression.
I followed the blog post of John West, how to enable MVC in Sitecore.
Until now it works perfectly, the pages are rendered. But if I run the page on IIS and enable content compression (gzip), the page doesn't load. I get a "Content Encoding Error" in Firefox. Other browser display various error messages.
Has somebody experienced similar issues? Do you have any idea what the problem may be? Where should I start checking? I have to use compression on the pages.
We are using Sitecore 6, Update 5: "Sitecore 6.6.0 rev. 130404"
Could this be a Sitecore bug?
EDIT 1: I am also running ASP.NET WebForms on the Sitecore instance and it works fine also with gzip compression.
EDIT 2: I have 'dynamicCompressionBeforeCache' enabled. My web.config related to gzip config:
<httpCompression directory="%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files">
<scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" />
<dynamicTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/javascript" enabled="true" />
<add mimeType="*/*" enabled="false" />
</dynamicTypes>
<staticTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="message/*" enabled="true" />
<add mimeType="application/javascript" enabled="true" />
<add mimeType="*/*" enabled="false" />
</staticTypes>
</httpCompression>
<urlCompression doStaticCompression="true" doDynamicCompression="true" dynamicCompressionBeforeCache="true" />
Sitecore confirmed that they can reproduce the issue. When setting dynamicCompressionBeforeCache="true", the encoding does not work correctly for some reason.
One solution is to remove this setting. After applying dynamicCompressionBeforeCache="false" it works fine.
You should probably enable gzip in your web.config
<system.webServer>
<httpCompression directory="%SystemDrive%\inetpub\
temp\IIS Temporary Compressed Files">
<scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll"/>
<dynamicTypes>
<add mimeType="text/*" enabled="true"/>
<add mimeType="message/*" enabled="true"/>
<add mimeType="application/javascript" enabled="true"/>
<add mimeType="*/*" enabled="false"/>
</dynamicTypes>
<staticTypes>
<add mimeType="text/*" enabled="true"/>
<add mimeType="message/*" enabled="true"/>
<add mimeType="application/javascript" enabled="true"/>
<add mimeType="*/*" enabled="false"/>
</staticTypes>
</httpCompression>
<urlCompression doStaticCompression="true" doDynamicCompression="true"/>
</system.webServer>
There are a few more tricks here
Setting the gzip compression in asp.net
I am facing a problem while trying to use GZip .
I have used the below entries in my config files i.e., applicationHost.config and web.config
<httpCompression>
<staticTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="*/*" enabled="false" />
</staticTypes>
<dynamicTypes>
<add mimeType="text/*" enabled="true" />
<add mimeType="*/*" enabled="false" />
</dynamicTypes>
<scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" dynamicCompressionLevel="4" />
</httpCompression>
<urlCompression doDynamicCompression="true" doStaticCompression="true"/>
I have my application being deployed on IIS 7.5.
I have seen these suggestions over the net and I happen to hear that I would not need an exclusive stream code to be written. An entry to config file would suffice.
But still I get an error when my WCF service returns me a collection object with records over 1000. The object is a serializable object.
Please help me in this issue